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What is claimed is: 



1 1. 



An ephemeral-output-only browser. 



2. 



A system for protecting content distributed through a network comprising: 
a client computer operable for connecting to the network and for executing a 
client program yiat limits user control over the content distributed through the network; 
and 

a server computer operable for connecting to the network and for executing a 
security program for securing the content distributed through the network. 



1 3. The system of claim 2, wherein jfee client program is ^n ephemeral-output-only 

2 web browser. 
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1 4. The system of claim 2, wherein the clieWprpfram is an add-in security module 

2 for executing as part of a standard web browse>^nd wherein user control over 

3 reproduction of the content, in/at least one form, is limited. 
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5. The system of clai/h 2, wherein the client program executes as a separate window 
in a standard web browser and wherein user control over reproduction of the content, in at 
least one form, is lir 

6. The system of claim 2, wherein the security program distributes the content to the 
client computer only when the client computer is executing the client program, in at least 
one form, is limite 
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1 7. The system of claim 2, wherein the security/program secures the content using a 

2 common security model. 



1 8. The system of claim 2, wherein the /ecurity program, 

2 content using an individual security model. 



l portion of the 



1 9. The system of claim 2, wherein the client/program limitsyuser control over the 

2 content through a technique chosen from the group consistingyof: 
message monitoringy6lipboard flushing, function enabling, source code 

4 encryption, content localisation, secure document packaging, cache encryption, and 

5 device content monitoring, 

6 and wherein user control over reproduc)i6n of the content in any non-ephemeral 

7 output manner is prevented. 



1 10, A method of enabling a provider to protect content distributed on a network 

2 corhprising:\ 

3 acquiring a server security program; 

4 executing the server security program on a server computer connected to the 

5 network; and 

6 distributing the content only to a client computer executing a limited-user client 

7 program which limits reproduction of the content in at least one form. 



1 11. 

2 



1 12. 



The method of claim 10, further (jomprisinjgr 
acquiring a plurality of copies of 
downloading one of the plurality 



acquiring a plurality of copies of the limited-user client program; and 



f'coriies/to the client computer. . . 

The method of claim 10, wherein disUibutip/the content comprises: 
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obtaining a promise of compensation from a user/of the client computer. 



1 13. The method of claim 12, wherein the compensation is a one-time fee. 



1 14. The method of claim 12, wherein the compensatipri^Tastibscription fee. 



a 
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1 15. The method of claim 12, wherein trip compensation is a per-ses 



1 16. The method of claim 12, wherein the compensation is a per-access fee. 




sion fee. 



1 17. The method of claim 12, wherein the liAuted-use cljjsnt program disables a certain 

2 user function and the compensation comprises a feejorre-enabling the certain user 

3 function. 

1 18. The method of claim p 9 wherein the certain user function modifies the content. 

1 19. The method of claim 17, wherein the certain user function copies the content to a 

2 different medium. 



1 \2^( A method of receiving compensation for a security system for protecting content 

2 distributed on a network comprising: 

3 selling a server seiuritjy program to a content provider; and 

4 selling a plurality df copies for a limited-use client program to the content 



5 provider for licensing to users wishing to access the content. 
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21. The method of claim 20, wherein the compensation is received at least from one 
of (a) when the server security program is executed by the content provider and (b) when 
the content provider licenses one of the plurality of copies. 

22. The metpod p^claim 20, wherein the server security program distributes the 
content to a client /system if the client system has a limited-use client program and 
wherein the limited-use client program limits reproduction of the content in at least one 
way. 

23. The methodpf claim 20, wherein the compensation is based on advertising 
revenue obtained by the content provider based on advertising displayed in connection 
with a user accessing content protected by the security system. 

24. A methoty for controlling access to information presented by a web browser 
comprising: 

presenting \content within a browser window of the web browser; and 
disabling a disallowed user function when the content is within the browser 
window. 

25. The method of claim 24, whereir/ disabling the disallowed user function 
comprises: 

intercepting a message posted tfo the browser window; and 
hiding the content if the browser is not a foreground application. 

26. The method of claim 24, wr/erein disabling the disallowed user function 
comprises: 



03936.P001 



-34- 



3 clearing a commonly shared intej-application memory when the inter-application 

4 memory is accessed. 



1 27. The method of claim 24 wherein 

2 comprises: 

3 hiding a user menu selection co 



disabling the disallowed user function 
esponding to the disallowed user function. 



1 28. The method of claim 24, wherein disabling the disallowed user function 

2 comprises: 

3 intercepting a keyboard message; 

4 discarding the keyboard message in it corresponds to the disallowed user function. 



1 29. The method of claim 24, wherein disabling the disallowed user function 

2 comprises: 

3 monitoring a context for a device; anV 

4 discarding a user action directed to th£ device when the context matches the 

5 content. 

1 30. The method of clam 24, wherein the disallowed user function is one of a plurality 

2 of default disallowed user functions and further comprising: 

3 leaving active one of the plurality of default disallowed user functions. 



1 31. The method of 30, further comprising providing information with the content that 

2 determines the one of the plurality of default disallowed user functions to be left active. 
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1 32. The method of claim 24 wherei i the disallowed user function is selected from the 

2 group consisting of print, page setup, s; tve, save as, view source, save picture as, set as 

3 wallpaper, copy, screen capture, screen print, cut. 



1 33. The method of claim 24 further comprising managing authentication of a web 

2 client. 

/ ) 

1 ^J^- The method of claim 24 further comprising processing a request from a web client 

2 for encrypted content. 



1 35. The method of claim 24 further comprising creating a unique identifier for a web 

2 client. 

1 36, The method of claim 24 further comprising encrypting the content with a key 

2 based on the unique identifier for the web client. 

1 37. The method of claim 24 wherein the (content comprises user perceivable 

2 information in a hyper-text markup language! (HTML) format. 

1 38. The method of claim 24 wherein the content comprises user perceivable streaming 

2 information. 

1 39. The method of claim 24 wherein the content comprises at least one of video 

2 information and audio information. 



1 40. The method of claim 24 wherein the disallowed user function comprises a user 

2 function which, when allowed, provides for non-ephemeral reproduction of the content. 
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1 41. The method of claim 24 wherein 

2 information in a scripting language 



y| ^ 1 42. The method of claim 24 wfterein 
2 . information in a common gateway 




1 
2 
3 
4 



in the content comprises user perceivable 
format. 



in the content comprises user perceivable 
interface (CGI) language format. 




1 43. The method of claim 24 wllerein the content comprises user perceivable 

2 information it^aJA VA lan guage format. 

44. A cWputer-readable medium having stored thereon computer executable 
instructions\to cause a client digital processing system and a server digital processing 
system to perform a method comprising: 

transmitting content from the server digital processing system to the client digital 
processing system over a network; 

presenting ijie content within a browser window on the client digital processing 
system; and 

disabling a disallowed user function when the content is within the browser 
window wherein the disallowed user function comprises a user function which, when 
allowed, provides for non-ephemeral reproduction of the content. 



45. The computer-readable medium pf clai 

function comprises; 

intercepting a message posted tA the 
hiding the content if the browser is n 




in disabling the disallowed user 
w; and 

d application. 



1 46. The computer readable mediujn of claim 44 wherein disabling the disallowed user 

2 function comprises: 
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clearing a commonly shared inter-application rrjemory if the inter-application 
memory is accessed. 

47. The computer readable medium of claim 44 ^herein disabling the disallowed user 
function comprises: 

hiding a user menu selection corresponding to the disallowed user function. 

48. The computer readable medium of claiiji 44, wherein disablingjhe disallowed 
user function comprises: 

intercepting a keyboard message; anc 

discarding the keyboard message if it corresponds to the disallowed ujser function. 

49. The computer readable medium pf claim 44j y wherein disabling theydisallowed 
user function comprises: 

monitoring a context for a device; and 

discarding a user action directed to the device )£hen the qjefhtext matches the 
content. 

50. The computer readable medium of claim 44 further comprising instructions to 
cause the server digital processing system to manage the authentication of the client 
digital processing system. 



5 1 . The computer readable medium of claim 44 further comprising instructions to 
cause the server digital processing system to process a request from of the client digital 
processing system for encrypted content. 
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1 52. The computer readable medium of claim 44 further comprising instructions to 

2 cause the client digital processing system to create jk unique identifier for the client digital 

3 processing system. 



1 53. The computer readable medium of claim 52 furt 

2 cause the client digital processing system to encrypt tj/e 

3 unique identifier. 



er comprising instructions to 
;ontent with a key based on the 
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54. The computer readable mediumyof claim 4(4 v/hefein the pre-determined function 
is selected from the group consisting 6f print, pagl^etup, save, save as, view source, save 
picture as, set as wallpaper, copy, screen capture, screen print, cut. 

55. A client digital processing system for controlling access to content presented by a 
web browser, the client digital processing system comprising: 

a processor; 

a network interface logically coupled to the processor to receive the content; 

a browser logically coupled to the network interface to present the content within 
a browser wincrow; and 

a security module logically coupled to the browser to disable disallowed user 
functions when the content is in the browser window wherein the disallowed user 
function comprises \ user function which, when allowed, provides for non-ephemeral 
reproduction of the content. 



sing I 



1 56. The client digital processing $ysti 

2 comprises: 

3 a message monitor to intercep 




5, wherein the security module 
fasted to the browser window; and 
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4 a browser controller logically coupled tj> the message monitor to hide the content 

5 if the browser is not a foreground application^ 



1 57. The client digital processing system of claim 55/wherein the security module 



2 comprises a browser controller that clears a common)) 

3 when the inter-application memory is accessed. 



shared interfapplication memory 



1 58. The client digital processing system of claim 55, wherein the security module 

2 comprises a browser controller that encrypts the content/ 
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59. A server digital processing! system for controlling access to content distributed to 
a client digital processing system, the server digital processing system comprising: 

a processor; 

a network interface logically coupled to the processor to receive a request for the 
content from the client digital processing system; 

a server module logically coupled to the network interface to distribute the content 
to the client digital processing system in response to the request; and 

a security module logically coupled to the server module to determine if the 
request is from a clienVtiigital processing system executing a limited-use client program 
which prevents at least one form of non-ephemeral reproduction. 

60. The server digital processing sys/em of clairr/59, wherei^ the security module is 
further operable to: 

create a secure document object containir/g the :ontent/f the content is protected 
under an individual security model; ahd 

pass the secure document object to the server.module for distribution in response 
to the request. 
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1 61. The server digital processing system of claim SJ^wfierein the security module is 

2 further operable to: 

3 encrypt the content if the conietit is protected under ^e6mmon security model; 

4 and 

5 pass the encrypted content to the server moduj^for distribution in response to the 

6 request. 



1 62/ A cornputer-readable medium having stored thereon computer executable 

2 instructions to\cause a client digital processing system to perform a method comprising: 

3 receiving protected content from a server digital processing system; 

4 presenting the protected content within a browser window; and 

5 disabling disallowed user functions when the protected content is in the browser 

6 window wherein the\disallowed user function comprises a user function which, when 

7 allowed, provides for non-ephemeral reproduction of the content. 



1 63. The computer-readable medium 1 of claim 62 further comprising: 

2 intercepting a message posteaVto the browser window; and 

3 hiding the protected content jf the browser is not a foreground application. 

1 64. A computer readable medium of claim 62 wherein the disallowed user function is 

2 enabled when content in the brow/ser window is not designated to be protected such that 

3 non-ephemeral reproduction of such content is allowed. 



1 65. A computer-readable medium having stored thereon computer executable 

2 instructions to tause a server digital processing system to perform a method comprising: 
receiving a request for protected content from a client digital processing system; 
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determining if the request is from a client digital processing system executing a 
limited-use client program; and 

distributing me protected content to the client digital processing system in 
response to the request only if the client digital processing system is executing the 
limited-use client program, wherein the limited-use client program prevents at least one 
form of non-ephemeral reproduction of the protected content. 



66. The computer-readable medium of I laim 65, further comprising: 

creating a secure document object containing the protected content if the content 

is protected under an individual security model; and 

passing the secure document objef t to the server module for distribution in 

response to the request. 



67. The computer-readable medium pf claim 65 
encrypting the protected content/ if the cont] 

security model; and 

passing the encrypted content tjb the server 

the request. 



further comprising; 

ed under a common 




for distribution in response to 



68. A computer readable medium of claim 65 wherein the limited-use client program 
disables a disallowed user function that comprises a user function which, when allowed, 
provides for non-ephemeral reproduction of the content. 



69. A computer readable medijum of claim 68 wherein the disallowed user function is 
enabled when content is not designated to be protected such that non-ephemeral 
reproduction of such content is allowed. 
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70. A computer readable medium of claim 69 whecein non-ephemeral reproduction of 
the protected content is allowed after a transaction bj/iween the client digital processing 
system and the server digital processing system. 

71. A computer readable medium of claim 70 wherein the transaction comprises at 
least one of a compensation to a provider of tne protected content or an exchange of 
identification of the client digital processing system. 

72. A computer readable medium Ijaving stored therec*ra""secT>r^ document package 
data structure comprising: 

a document package headef field containing data representing) a description for the 
secure document package; 

a delivery object field containing data representing executable code to manage the 
secure document package described by thefdocume^it package header field; and 

a document field containing data representing conten/contained in the secure 
document package described by the document package header field. 

73. The computeyreadable medium^ilbkrrn 72, wherein the document package 
header field comprises: 

a package Identifier field containing data representing an identifier for the secure 
document package. 



74. The computer readable medium of claim 72, wherein the document field 
comprises: 

a document identifier field containing data representing an identifier for the 
content. 
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1 75. A computer data signal embodied in a carrier wave ana encoding a data structure 

2 containing protected content comprising: 
a document package header field containing dajA representing a description for the 

secure document package; 

a delivery object field containing data representing^xecutable code to manage the 



secure document package described by the documenfpackage heac 



a document field containing data representing content contained in the secure 



/ 



8 document package described by the document package header fiel 



r field; and 
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1 76. The computer readable ^medium of cla^m 75,/vherein tj*e document package 

2 header field comprises: 

3 a package identifier field containing data representing an identifier for the secure 

4 document package. 

1 77. The computer readable medium of claim 75, wherein the document field 

2 comprises: 

a document identifier field containing data representing an identifier for the 
ent. 




78. A system for controlling reproduction of content on a client computer comprising: 
meansUor receiving content to be protected; and 
means for displaying the protected content on the client computer while 
preventing at leas\one form of reproduction of the content. 



1 79. 




The system of claim 78, wherein the means for displaying comprises: 
means for disabling user functions that reproduce the content. 
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80. The system of claim 79, wl erein the means for displaying further comprises: 
means for enabling disable 1 user functions under pre-determined conditions. 

81 . A system for controlling reproduction of content stored on a server computer 
comprising: 

means tor protecting content stored on the server; 
means for receiving a request for the protected content; and 
means foi determining if the request is from a requestor that limits reproduction of 
protected content J 



82. The system of claim 8 1 f whereir 

means for creating a secure dociiment 



the means for protecting comprises: 
object containing the content. 



83. The system of claim 81, wherein rfie means for protecting comprises: 
means for encrypting the content. 
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